pockint: portable OSINT Swiss Army Knife for DFIR/OSINT professionals
10-09-2019, 11:14 AM
#1
Why use it? POCKINT is designed to be simple, portable and powerful.
Simple: There are a plethora of awesome OSINT tools out there. Trouble is they either require analysts to be reasonably comfortable with the command line (think pOSINT) or give you way too many features (think Maltego). POCKINT focuses on simplicity: INPUT > RUN TRANSFORM > OUTPUT … rinse and repeat. It’s the ideal tool to get results quickly and easily through a simple interface.
Portable: Most tools either require installation, a license or configuration. POCKINT is ready to go whenever and wherever. Put it in your jump kit USBs, investigation VMs or laptop and it will just run. Nobody needs graphs on an incident response
Powerful: POCKINT combines cheap OSINT sources (whois/DNS) with the power of specialized APIs. From the get-go, you can use a suite of in-built transforms. Add in a couple of API keys and you can unlock even more specialized data mining capabilities.
The beta version is capable of running the following data mining tasks:
Domains
  dns: ip lookup
  dns: mx lookup
  dns: txt lookup
  dns: ns lookup
  virustotal: downloaded samples
  virustotal: detected urls
  virustotal: subdomains
IP Addresses
  dns: reverse lookup
  shodan: ports
  shodan: geolocate
  shodan: coordinates
  shodan: cves
  shodan: isp
  shodan: city
  shodan: asn
  virustotal: network report
  virustotal: communicating samples
  virustotal: downloaded samples
  virustotal: detected urls
URLs
  dns: extract hostname
  virustotal: malicious check
  virustotal: reported detections
Hashes
  virustotal: malicious check
  virustotal: malware type
Emails
  extract domain
Scan
https://metadefender.opswat.com/results#...r/overview
Download
https://anonfiles.com/B5g4X57cnc/pockint_rar
password : ierihon
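
The INPUT > RUN TRANSFORM > OUTPUT loop described in the post, as an added Python example (not POCKINT's code and not from the post's author): it sorts an indicator into the five input types listed above and chains the two offline transforms (URL to hostname, email to domain), so each output becomes the next input. Function names and sample values are constructed for illustration; the DNS, Shodan and VirusTotal transforms need network access and are left out.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Hostname syntax check: dot-separated labels ending in an alphabetic TLD.
DOMAIN_RE = re.compile(
    r"^(?=.{1,253}$)([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$")
HASH_HEX_LENGTHS = (32, 40, 64)  # MD5, SHA-1, SHA-256 (assumed hash kinds)

def classify(value):
    """Return 'ip', 'url', 'email', 'hash', 'domain' or 'unknown'."""
    v = value.strip()
    try:
        ipaddress.ip_address(v)  # accepts IPv4 and IPv6 literals
        return "ip"
    except ValueError:
        pass
    if re.match(r"[a-z][a-z0-9+.-]*://", v, re.I):
        return "url"
    local, at, host = v.rpartition("@")
    if at and local and "@" not in local and DOMAIN_RE.match(host.lower()):
        return "email"
    if len(v) in HASH_HEX_LENGTHS and re.fullmatch(r"[0-9a-fA-F]+", v):
        return "hash"
    return "domain" if DOMAIN_RE.match(v.lower()) else "unknown"

def extract_hostname(url):
    """URL -> hostname with no lookup; None when the URL carries no host."""
    return urlsplit(url.strip()).hostname

def extract_domain(email):
    """Email -> lower-cased domain part."""
    return email.strip().rpartition("@")[2].lower()

# Transforms that need no network or API key (hypothetical registry name).
OFFLINE_TRANSFORMS = {"url": extract_hostname, "email": extract_domain}

def pivot(value):
    """Chain offline transforms; return [(input_type, value), ...]."""
    chain = []
    while value:
        kind = classify(value)
        chain.append((kind, value))
        step = OFFLINE_TRANSFORMS.get(kind)
        value = step(value) if step else None  # stop at a terminal type
    return chain
```

The last entry returned by `pivot` is the indicator type whose network transforms (DNS, Shodan, VirusTotal) would run next.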